HSBC knew about security loophole in online banking

One of Britain's biggest high street banks knew about a security loophole in its online banking service that left millions of accounts open to fraud and did nothing about it for almost two years. HSBC initially denied the defect in its computer banking but conceded yesterday that the problem had been known about since the system was introduced.

The defect, uncovered by researchers at Cardiff University and exposed in yesterday's Guardian, was the result of a conscious decision by those building the system two years ago, a spokesman for the bank said. "It wasn't there accidentally," he said. "When the system was being designed, research was done into it and the decision was made [to leave the loophole]. Often times these are judgment calls." Guardian Unlimited Technology | Technology | HSBC knew about security loophole in online banking

Linked by shanmuga Saturday, 12th August 2006 11:09PM